Articles

Anyone using Microsoft DirectAccess for remote connectivity is making use of something called the Name Resolution Policy Table (NRPT). This NRPT is a client-side table of settings that essentially tells the DirectAccess client what namespaces to resolve inside the DirectAccess tunnels, and which namespaces to exclude from those DA tunnels. […]

Microsoft DirectAccess is an extremely secure method for connecting your domain-joined workstations back to the corporate network whenever those machines have Internet access. Whether at home, a hotel, or a coffee shop – the beauty of DA is that it automatically connects from anywhere, without users needing to launch any […]

Unfortunately this is now a very common question, and the answer will probably surprise many of you. With the recent release of the updated Always On VPN (AOVPN) capability in Windows 10 1709, many Microsoft remote access customers are being left with the impression that DirectAccess (DA) is on the […]

When companies deploy Microsoft DirectAccess, it is quite common to discover one or more applications that will not connect successfully over those DirectAccess tunnels. Typically this happens with older legacy applications, but many current and up-to-date apps can suffer from this behavior as well. The core problem with these applications […]

Many years ago I wrote a blog post regarding the (then current) Windows 7 DirectAccess Connectivity Assistant (DCA) log file and how to make sense of the contents when troubleshooting a Microsoft DirectAccess connection from the client’s perspective. While Windows 8 and 10 now have an updated Network Connectivity Assistant […]

Most companies running Microsoft DirectAccess for their remote access needs rely on it enough that they have taken the steps of creating a DirectAccess cluster with two or more DirectAccess servers. While DA clustering does not actually have anything to do with Windows Server clustering, it creates a fully active/active […]

I recently discovered what I think we can officially classify as a “bug” in the Remote Access Management Console, that you may encounter if/when you ever need to rebuild one of your DirectAccess servers. Let’s lay out an example based on the scenario I found myself in: Say you are […]

As a follow-up to my last post about connecting branch offices via DirectAccess, what if that branch office has a local server? Maybe you have an onsite RODC to make authentications faster. Or perhaps a local file server so the branch office computers don’t have to reach over the WAN […]

The DirectAccess “Branch Office Scenario” is something we discuss often with customers, but I don’t see too many people actually employ this powerful idea. How do you connect your branch offices today? Site-to-site VPN? Those aren’t always the most stable things in the world. MPLS? Better, but how much do […]

Microsoft DirectAccess is an amazing remote access technology that knocks the socks off any other VPN-like technology on the market. If you are still deploying VPN software and handling support calls about VPN connections, you are using the wrong solution for remote access. DirectAccess is automatic, its tunnels are established […]